---
# Configuration for the fedoauth webapp

- name: clean yum metadata
  command: yum clean all
  tags:
  - packages

- name: install needed packages
  yum: pkg={{ item }} state=present
  with_items:
  - fedoauth
  - fedoauth-template-fedora
  - fedoauth-backend-fedora
  - fedoauth-provider-openid
  - fedoauth-provider-persona
  - python-psycopg2
  - libsemanage-python
  tags:
  - packages

- name: copy fedoauth configuration
  template: src=fedoauth.cfg
            dest=/etc/fedoauth/fedoauth.cfg
            owner=fedoauth group=fedoauth mode=0600
  tags:
  - config
  notify:
  - restart apache

- name: copy fedoauth logging configuration
  template: src=fedoauth.log.cfg
            dest=/etc/fedoauth/fedoauth.log.cfg
            owner=fedoauth group=fedoauth mode=0600
  tags:
  - config
  notify:
  - restart apache

- name: copy fedoauth private key
  copy: src={{ private }}/files/fedoauth/persona.key dest=/etc/fedoauth/persona.key
        owner=fedoauth group=fedoauth mode=0600
  when: env != "staging"

- name: copy fedoauth STG private key
  copy: src={{ private }}/files/fedoauth/persona.stg.key dest=/etc/fedoauth/persona.stg.key
        owner=fedoauth group=fedoauth mode=0600
  when: env == "staging"

- name: create the database scheme
  command: /usr/bin/python2 /usr/share/fedoauth/createdb.py
  environment:
      FEDOAUTH_CONFIG: /etc/fedoauth/fedoauth.cfg

#- name: Clean the database
#  command: /usr/bin/python2 /usr/share/fedoauth/cleanup.py
#  environment:
#      FEDOAUTH_CONFIG: /etc/fedoauth/fedoauth.cfg

- name: set sebooleans so fedoauth can talk to the db
  action: seboolean name=httpd_can_network_connect_db
                    state=true
                    persistent=true

- name: set sebooleans so fedoauth can send error logs
  action: seboolean name=httpd_can_network_connect
                    state=true
                    persistent=true

- name: apply selinux type to the wsgi file
  file: >
    dest=/usr/share/fedoauth/fedoauth.wsgi
    setype=httpd_sys_content_t
